Feed aggregator

Guest Stars and Titles for the Doctor Who Series 12 Finale Revealed!

Blogtor Who - Thu, 02/06/2020 - 21:10

Ian McElhinney, Julie Graham, and Steve Toussaint will face the Ascension of the Cybermen and The Timeless Children Ian McElhinney (Game of Thrones), Julie Graham (Survivors), and Steve Toussaint (Line of Duty) are set to appear in the explosive two part finale of Doctor Who Series 12.  And just as the Doctor comes face-to-face with […]

The post Guest Stars and Titles for the Doctor Who Series 12 Finale Revealed! appeared first on Blogtor Who.

Categories: Doctor Who Feeds

Adposhel adware takes over browser push notifications administration

Malwarebytes - Thu, 02/06/2020 - 18:10

Since late last year, our researchers have been monitoring new methods being deployed by cybercriminals to potentially abuse browser push notifications. Now, an adware family detected by Malwarebytes as Adware.Adposhel is doing just that, taking control of push notifications in Chrome at the administrator level.

What does Adposhel adware do?

The adware uses Chrome policies to ensure that notification prompts will be shown to users ands add some of its own domains to the list of sites that are allowed to push browser notifications. So far nothing new. The recent twist, however, is that Adposhel enforces these settings as an administrator, meaning a regular Chrome user will not be able to change the settings in the notifications menu.

It seems the adware family has now decided to fully deploy this tactic, as we are seeing complaints about it emerging on forums, such as Reddit.

Victims have complained about being unable to remove domains from the list of domains that are allowed to show push notifications, and being unable to change the setting that control whether websites can ask you to allow notifications.

Disabling that setting would stop a user from seeing prompts like these:

If a user were to click Allow on that prompt, this domain would be added to their allowed list of URLs, with the understanding that it could be removed manually in the notifications menu.

Adposhel uses the NotificationsAllowedForUrls policy to block users from removing their entries from the Allow list.

Where you would normally see the three dots (ellipsis) menu icon representing the settings menu, entries submitted to a policy by Adposhel will see an icon telling you the setting is enforced by an administrator.

If you hover over the icon, the accompanying text confirms it.

How do I undo the changes made by Adposhel adware?

This does not mean that you can change that setting just because you are the administrator of the system you are working on, by the way. But if you are the system administrator, you can fix the notification changes made by the Adposhel installer by applying a simple registry fix:

Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome] "DefaultNotificationsSetting"=dword:00000001 [-HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\NotificationsAllowedForUrls]

This is safe to do unless there were legitimate URLs in the list of URLs that were allowed to show notifications by policy, which I doubt. But we always advise to create a backup of the registry before making any changes.

 Backing up Registry with ERUNT

Modifying the registry may create unforeseen results, so we always recommend creating a backup prior to doing that.

Please download ERUNT and save the file to the desktop.

  • Install ERUNT by following the prompts, but say No to the portion that asks you to add ERUNT to the startup folder.
  • Right-click on the icon and select Run as Administrator to start the tool.
  • Leave the default location (C:\WINDOWS\ERDNT) as a place for your backup.
  • Make sure that System registry and Current user registry are ticked.
  • The third option Other open users registries is optional.
  • Press OK to backup and then press YES to create the folder.

This tool won’t generate a report. You may uninstall it after you’re done cleaning.

Protection and detection

Malwarebytes detects the installers as Adware.Adposhel.

The URLs enforced by this Adpohel-induced Chrome policy are detected as Adware.ForcedNotifications.ChrPRST.

IOCs

Domains:

aclassigned.info chainthorn.com cityskyscraper.com concreasun.info dimlitroom.com durington.info efishedo.info enclosely.info insupposity.info nineteducer.info oncreasun.info parliery.info qareaste.info stilysee.info suggedin.info

Stay safe, everyone!

The post Adposhel adware takes over browser push notifications administration appeared first on Malwarebytes Labs.

Categories: Techie Feeds

Crack & Lash Blackmoor & Beyond - Using A0-A4: Against the Slave By Lords David "Zeb" Cook, Allen Hammack, Harold Johnson, & Tom Moldvay For Your Old School Campaigns

Swords & Stitchery - Thu, 02/06/2020 - 17:58
Taking a long look at that slave lords organization from A0-A4  Against the Slave Lords specifically the collected 'super module' that came out way back in 2016 or so. I think that slave lords is a perfect example of a Pulp era Swords & Sorcery secret villain organization. They & the organization's members are specifically like a revolving door of scum & villainy. The slave lords are Needleshttp://www.blogger.com/profile/11243274667834930867noreply@blogger.com0
Categories: Tabletop Gaming Blogs

MOOGLYCAL2020 – BLOCK #3

Moogly - Thu, 02/06/2020 - 16:00

Three’s company with MooglyCAL2020 Block #3! Designed by Jessie Rayot of Jessie At Home, it’s cute, fun, and interesting all the way through! Read on for all the details, and for the link to Block #3 in this free year-long crochet along! Disclaimer: This post includes affiliate links; materials provided by Yarnspirations, Furls, and Chetnanigans....

Read More

The post MOOGLYCAL2020 – BLOCK #3 appeared first on moogly. Please visit www.mooglyblog.com for this post. If you are viewing this on another site they have scraped the content from my website without permission. Thank you for your support.

0
Categories: Crochet Life

1372

Looking For Group - Thu, 02/06/2020 - 05:00

The post 1372 appeared first on Looking For Group.

Categories: Web Comics

Weird Revisited: Spacehunters

Sorcerer's Skull - Thu, 02/06/2020 - 01:07
A variety of real life stuff has led to little time to prep the next installment of my Talislanta series. Instead, enjoy this post whose original version was presented in February of 2017.

Luis RoyoWatching The Expanse brought to mind a game I ran in GURPS perhaps decade ago. A "hard" science fiction thing using a lot of stuff from Transhuman Space put giving it more of a Cowboy Bebop spin: a little bit cyberpunk, a little bit 70s action film.

Howard ChaykinIf I ever ran a similar game again, besides using a system besides GURPS, I think I would draw more visually from '80s and 80's sci-fi, borrowing some elements from things like American Flagg! and 80s cyperpunk rpgs. The players' would still be ne'er-do-well, planet-hopping bounty hunters/troubleshooters but with a different skin.

Janet Aulisio

Fintech security: the challenges and fails of a new era

Malwarebytes - Wed, 02/05/2020 - 19:24

“I have no idea how this app from my bank works, and I don’t trust what I don’t understand.” Josh is not an old curmudgeon or luddite. He’s 42 with a decent understanding of technology. Nevertheless, the changes in fintech have come too fast for him. It’s not that he doesn’t trust his bank. He doesn’t trust himself to use and manage the banking app securely.

The world we live in has gone through some noticeable changes in the last decade. This is certainly true for the banking industry, which has grasped onto the concept of fintech as nearly interchangeable with finance. However, fintech—or computer programs and other technology used to support banking and other financial services—is the fastest-growing sector in venture capital. It may encompass anything from cryptocurrency to mobile payment apps.

The groundwork was laid for the rise of fintech through a series of major incidents over the last 10 years. These include:

  • The banking crisis and subsequent Great Recession of 2007–2009. If you had told someone 15 years ago that a number of big-name banks would not survive the decade, they would have laughed at you. Yet, the list is long.
  • New currencies introduced into the playing field, especially crypto. Bitcoin started in 2009, and hundreds of other cryptocurrencies have since followed suit.
  • Negative interest rates. Cash deposits incur a charge for storage at a bank rather than gaining interest. Some banks have to pay money to store their surplus in funds at national banks because of the negative interest rates. Some banks even charge their customers with this negative interest.
  • New players have entered the field that are different from the establishment. Some are related to the development of cryptocurrencies, but others simply look at financial business in a new and unique way.
  • Customers are increasingly expecting their payments to reach their destination account on the same day. This also helps the bank itself, as it reduces the amount they need to store against a negative interest.
What is fintech?

The hardware and software used in the financial world is generally referred to as fintech. But the expression is also used to describe the startups in the financial world. In this article it will be used to describe the technology as many of the settled financial institutions feel they need to adapt to the same new technology that the startups offer their customers. Because of this we can find these new features in banking and other financial applications both in the apps of accomplished firms along with those of the new financials.

Fintech security

While it may come as less than a surprise that Fintech startups are struggling with security, sometimes the established names surprise us with how easily they fall prey to data breaches, malware attacks, or compromised apps.

One of the reasons why some of the fintech startups are so successful lies in their ability to offer alternatives to conventional financial solutions through cryptocurrencies, online loans, and P2P. Along comes a variety of challenges and one of these challenges piques our interest: cybersecurity. To name one aspect, the huge growth in the number and size of online platforms makes this industry very vulnerable to security breaches.

Some of the problems

The introduction of new features sometimes looks as if they were done in a rush and without keeping in mind how secure they are and how clever crooks could abuse them. For example, a mobile banking app that allowed users to add an extra phone to control their account by simply scanning a QR code ended up cleaning out a few bank accounts. Clever imposters tricked people into adding their phone leaving the imposter in full control of the account.

Payment requests leading to fake websites are a quickly rising threat as banks are rolling out this feature. As always with newer technology, fraudsters benefit from the victim’s unawareness of how things work exactly. Someone pretending to buy from you on an online market can send you a payment request for the amount you are expecting. All you have to do is click “Accept” and enter your pin. And then find out that you paid them instead of the other way around.

Fake bank websites in general have been a problem for many years and this will probably remain a problem for some time to come. Most of the times these fake sites are designed to harvest login and payment credentials from the visiting victims. And they are very hard to distinguish from the real bank websites as the threat-actors simply copy all the content and layout from the original sites. And urging customers to look for the green padlock is hardly useful advice anymore.

Payment providers and online shops are plagued by web skimmers. As we have reported frequently especially there are several Magecart groups who are very active at this front. Payments are intercepted and payment card information stolen using compromised e-commerce sites.

And then there is virtual money, or since most money nowadays is virtual to some level, let’s talk about cryptocurrencies in particular. While the introduction of cryptocurrencies was intended to open up a whole new world of payment options, it also opened a virtual cesspit of options to be defrauded. The absence of a central authority gave way to types of fraud and robbery that were unheard of in the old school banking world. Huge steals from marketplaces, bank-owners running with the funds entrusted to them, stolen hot wallet credentials, and let’s not forget drive-by-mining. We covered many of these crimes in our blog about Bankrobbers 2.0.

Financials of all kinds have suffered data breaches in all sorts and sizes. From huge ones like Equifax and Capital One to equally painful ones, for those involved, like the one at P&N bank where sensitive account information was spilled.

Ransomware operators are particularly fond of financials as they usually can afford to pay large sums and they are invested in getting operations back up and running in a hurry. Travelex took the high road and refused to pay the ransom demand made after being hit with Ransom.Sodinokibi.

Privacy concerns

With governments asking for full disclosure of savings both offshore and internal, and on the other hand enforcing privacy laws, financial institutions are expected to balance these demands while keeping their customers on board.

With GDPR in Europe leading the way, financials should be ready or get ready to comply with GDPR or similar laws that apply to them and their customer base.

Countermeasures

The financial industry is considered to be vital infrastructure and for good reason. When we lose trust in our financial institutions, it turns our society upside down. When the paper is no longer worth the number printed on it, or you cannot withdraw money from your account, that rattles the bases of our economy.

Fintech needs to adapt a more security focused approach to developing new features, especially in their mobile apps. It also wouldn’t hurt to provide customers with elaborate instructions on how to safely use the new app or new features of the app.

As a financial startup you want to grow fast. But growing fast comes with its own problems. Making sure your security measures can scale along with your growth is a must. Unless you want to find yourself restricted in your growth or notice your security to start cracking at the seams.

However frustrating it may turn out to be, financials need to think about better identity management and control. Is it enough when someone is logged into an account to allow that entity to fully control the account? Or de we need to add another factor for special actions like raising the maximum amount, allowing withdrawals abroad, or even for transactions that are larger than normal.

Fintech startups can’t expect to get away with security mistakes that other startups might. Being in the financial sector brings with it different responsibilities and expectations.

As I’ve written before: It is key that our financial institutions protect our dollars and our data so that we can keep investing our money and our trust in them.

Stay safe, everyone!

The post Fintech security: the challenges and fails of a new era appeared first on Malwarebytes Labs.

Categories: Techie Feeds

The Amazon Factor - - Cha'alt/Godbound Campaign Commentary With Shield Maidens of Sea Rune Produced for Judge's Guild By Bryan Hinnen & Dan Hauffe

Swords & Stitchery - Wed, 02/05/2020 - 19:23
For my  Cha'alt/Godbound campaign everyone knows I've been looking over my own old school resources & dipping back into my notes & archives. But maybe I've been missing the one faction that's been right in front of me?! Let's talk about the nine hundred pound ten thousand strong army massing across Arizona that my PC's are gonna run into at some point. The unknown quantity in the mix of the Needleshttp://www.blogger.com/profile/11243274667834930867noreply@blogger.com0
Categories: Tabletop Gaming Blogs

GFL – Page 0011

Looking For Group - Wed, 02/05/2020 - 14:30

Grouping For Looks is a page-by-page retelling of the Looking For Group saga through the lens of a mirror universe where Cale is a goateed tyrant and Richard is a holy soul trying to set him on a good path. […]

The post GFL – Page 0011 appeared first on Looking For Group.

Categories: Web Comics

Flying Fortress of the Celestial Order

Ten Foot Pole - Wed, 02/05/2020 - 12:11
By Radulf St. Germain Studio St. Germain OSR? Generic? 5e? "Lower Levels"

The  city of  Shallow Bay  is preparing for  the greatest social  event of the year when  an eagerly-expected shipment of ball gowns goes missing. Rumors abound of goblins gathering in large gangs to cut off all commerce to the city. While  all seems like a routine job for adventurers there are hints of some sinister ancient evil pulling the strings in the background. Can the party save the Day of the Revered Ancestors and what will they find as they  become embroiled deeper and deeper into the machinations of the mysterious Celestial Order?

This 29 page adventure has a loose plot to it combined with a sandboxy format. Probably meant  for 5e, it’s presented without stats. Dripping with the kind of flavour I wish all adventures had, this things fatal flaw is its organization, an arrow that has taken down many a sandboxy adventure. I started to ask myself, during this review, “Man, is it worth it to highlight this thing and create some reference sheets?” That’s a good sign.

This thing has style! The city it is set in was founded by a Lich, overthrown many many years ago, with his phylactery rumored to still be around. The hook is a shipment of ball gowns in a caravan that gets raided … what will the local fops wear to the Day of the Revered Ancestors ball? (A little Lexx mixed up in your fantasy, maybe?) The elemental earth cult? It’s not an earth cult. It’s not THE cult of elemental earth. It’s called The Shallow Grave Consortium … and the leader sleeps in a barrow. The local bar, the Drunken Sailor, is known for its knife fights and shady dealings. The local guy who informally heads up the fisherman in town is not opposed to organizing a beating for those who show disrespect. There’s a flying fortress with a giant brass flywheel on it (it’s the air cult, chill out) and it’s been grounded, anchored via … a literal giant anchor with a huge fish … sculpture? swallowing it. And that’s not even described, it’s just shown in a little sketch drawing. Time and time again this thing hits with the sort of specificity that makes an adventure feel ALIVE. Fuck the generic Earth Cults and long live the Shallow Grave Consortium!

Over and over again. The NPC’s are given brief little bursts of flavour that a DM can hang their hat on. The cult leader is highly dramatic and listens to an invisible advisor. The raven spy looks down on beings who cannot fly. (Get it?! Get it?!)  People are described as corpulent, or noble matrons, or the Pointy Hat goblin tribe who wears … Wear huge pointy helmets and sport huge mustaches. They have no real boss.” The flesh golem that shows up is not a Frankenstein’s Monster, or even a Frankensteins Monster monster Frankenstein, but in the form of a giant snake. A noble matron thinks the mayor is a vain idiot. It goes on and on and on. The adventure elements are strong. It’s something that the DM can work with … if it does, at times, trend a bit to the absurdit side of the line, hopping over a time or two but not taking up full residency. 

It’s also trying to help the DM out. There’s a one page cheat sheet that describes the adventure. There’s a flowchart of events, since this is ultimately a sandbox plot of the villains trying to do something more than linear adventure. It even has notes on the flowchart of what happens if the current “activity” is foiled by the party. There’s DM advice in places, like suggesting fires in the windmill used to grind flour may result in an explosion. There’s even a couple of pages of tables at the end full of charts that can be used to create flavourful little houses in town, full of secrets and plots and the like. 

But, it’s TRYING to help the DM, and not actually doing so. The cheat sheet only really makes sense after going through the adventure the first time, so it doesn’t orient as much as summarize. The flowchart may be the best part, but the section headings it refers to could be labeled/organized stronger. For it’s attempts at helping it’s still kind of a glorious mess.

There’s a lot of repetition of information, and meaningless information at that. It’s using a kind of free text/paragraph format, with certain words in italics to draw the eye. That’s not the strongest way to organize, especially given the amount of extraneous text in the adventure. There’s a decent number of NPC’s, and some kind of summary sheet would have useful to help the DM during play. I don’t know how to say this and get it to come across right. The section headings and extraneous text weaken the adventure to the point where it’s kind of hard to figure out how to run it and what’s going on, and that’s with the flowchart and cheatsheet. This is a sandbox sort of issue, in general; finding a way to organize the material for quick reference during play in an unorganized play style is no small feat. 

This thing drips with flavor. It references some princes of the Apocalypse creatures, and is a better PotA chapter than a real PotA chapter. I’m keeping it as “generic” since it’s stateless, and the only stat reference is to reference some 5e monsters in the end in order to localize it. I might suggest the same for some LabLord creatures as well; it would be a helpful touch. Treasure, is, of course, light given the generic/5e flavour.

So is it worth it? Not to me. There’s just a bit too much effort in pulling things together. I will say though that St. Germain has their shit together with respect to flavour and “arc without having a plot.” You might even say there’s a nod to Rients with a flying fortress showing up to raid the town. Some serious work in massaging the text in to a format to make it more easily runnable at the table would marry that to the flavour and make it something decent to run.  I do, though, look forward to seeing future efforts by this designer to see if they can figure things out.

This is Pay What You Want at DriveThru with a suggested price of $2. The preview is four pages. It gives you an overview of some of the factions, actors, and locations. For this sort of sanboxy sort of adventure it’s an appropriate preview, showing you the sort of information transfer, flavour, and organization you can expect. Take a look at it and note both the flavour and the extraneous text and how it’s not exactly the best at declaring where you are and what’s important.


https://www.drivethrurpg.com/product/300908/Flying-Fortress-of-the-Celestial-Order?1892600

Categories: Tabletop Gaming Blogs

Hookin On Hump Day #208: A Yarny Link Party!

Moogly - Wed, 02/05/2020 - 02:00

Hookin On Hump Day has its own beautiful palette of designs this round – and they’re all crochet, and all free! And they are all about staying warm and cozy! Be sure to check them out – as well as the new entries below – and let them know you found them on HOHD! What...

Read More

The post Hookin On Hump Day #208: A Yarny Link Party! appeared first on moogly. Please visit www.mooglyblog.com for this post. If you are viewing this on another site they have scraped the content from my website without permission. Thank you for your support.

0
Categories: Crochet Life

Matters of State & Megadungeon - ACK's Dwimmermount & Dave Cook's X5 Temple of Death - Cha'alt/Godbound Campaign Commentary

Swords & Stitchery - Tue, 02/04/2020 - 18:27
"The gates of Dwimmermount have opened. After years of rumors, it is time to discover the secrets of this vast mountain fortress for yourself…"For my  Cha'alt/Godbound campaign I've been looking over any number of old school resources but I stettled upon one that speaks to me from an earlier part of the OSR.  Finding a copy of ACK's Dwimmermount is utterly ridiculous, its like find a needle Needleshttp://www.blogger.com/profile/11243274667834930867noreply@blogger.com0
Categories: Tabletop Gaming Blogs

Washington Privacy Act welcomed by corporate and nonprofit actors

Malwarebytes - Tue, 02/04/2020 - 16:35

The steady parade of US data privacy legislation continued last month in Washington with the introduction of an improved bill that would grant state residents the rights to access, control, delete, and port their data, as well as opting out of data sales.

The bill, called the Washington Privacy Act, also improves upon its earlier 2019 version, providing stronger safeguards on the use of facial recognition technology. According to some analysts, when compared to its coastal neighbor’s data privacy law—the California Consumer Privacy Act, which went into effect this year—the Washington Privacy Act excels.

Future of Privacy Forum CEO Jules Polonetsky called the bill “the most comprehensive state privacy legislation proposed to date.”

“It includes provisions on data minimization, purpose limitations, privacy risk assessments, anti-discrimination requirements, and limits on automated profiling that other state laws do not,” Polonetsky said.

Introduced on January 20 by state Senator Reuven Carlyle, the Washington Privacy Act would create new responsibilities for companies that handle consumer data, including the implementation of data protection processes and the development and posting of privacy policies.

Already, the bill has gained warm reception from corporate and nonprofit actors. Washington-based tech giant Microsoft said it was encouraged, and Consumer Reports welcomed the thrust of the bill, while urging for even more improvements.

“This new draft is definitely a step in the right direction toward protecting Washington residents’ personal data,” said Consumer Reports Director of Consumer Privacy and Technology Policy Justin Brookman. “We do hope to see further improvements to get rid of inadvertent loopholes that remain in the text.”

What the Washington Privacy Act would do

Like the many US data privacy bills introduced in the past 18 months, the Washington Privacy Act approaches the problem of lacking data privacy with two prongs—better rights for consumers, tighter restrictions for companies.

On the consumer side, the Washington Privacy Act would grant several new rights to Washington residents, including the rights to access, correct, delete, and port their data. Further, consumers would receive the right to “opt out” of having their personal data used in multiple, potentially invasive ways. Consumers could say no to having their data sold and to having their data used for “targeted advertising”—the somewhat inescapable practice that results in advertisements for a pair of shoes, a fetching sweater, or an 4K TV following users around from device to device. 

Consumers could exercise their rights with simple requests to the companies that handle their data. According to the bill, these requests would require a response within 45 days. If a company cannot meet that deadline, it can file for an extension, but it is required to notify the consumer about the extension and about why it could not meet the deadline.

Further, unfulfilled requests are not a dead end for consumers—companies must also offer an appeals process to the consumers whose requests they deny or do not fulfil. Requests must also be responded to free of charge, up to two times a year per consumer.

Perhaps one of the most welcome provisions in the bill is its anti-discrimination rules. Companies cannot, the bill says, treat consumers differently because of their choices to exert their data privacy rights. On the surface, that makes dangerous ideas like “pay-for-privacy” schemes much harder to enact.

Concerning new business regulations, the Washington Privacy Act separates the types of companies it applies to into two categories: “controllers” and “processors.” The two terms, borrowed from the European Union’s General Data Protection Regulation (GDPR), have simple meanings. “Controllers” are the types of entities that actually make the decisions about how consumer data is collected, shared, or used. So, a small business with just one employee who decides to sell data to third parties? That’s a controller. A big company that decides to collect data to send targeted ads? That’s a controller, too.

Processors, on the other hand, are akin to contractors and subcontractors that perform services for controllers. So, a payment processor that simply processes e-commerce transactions and nothing more? That’s a processor.

The Washington Privacy Act’s new rules focus predominantly on “controllers”—the Facebooks, Amazons, Twitters, Googles, Airbnbs, and Oracles of the world.

Controllers would have to post privacy policies that are “reasonably accessible, clear, and meaningful,” and would include the following information:

  • The categories of personal data processed by the controller
  • The purposes for which the categories of personal data are processed
  • How and where consumers may exercise their rights
  • The categories of third parties, if any, with whom the controller shares personal data

If controllers sell personal data to third parties, or process it for targeted advertising, the bill requires those controllers to clearly disclose that activity, along with instructions about how consumers can opt out of those activities.

Separately, controllers would need to perform “data protection assessments,” in which the company looks at, documents, and considers the risks of any personal data processing that involves targeted advertising, sale, and “profiling.”

The regulation of “profiling” is new to data privacy bills. It’s admirable.

According to the bill, “profiling” is any form of automated processing of personal data to “evaluate, analyze, or predict personal aspects concerning an identified or identifiable person’s economic situation, health, personal preference, interests, reliability, behavior, location, or movements.”

In today’s increasingly invasive online advertising economy, profiling is omnipresent. Companies collect data and create “profiles” of consumers that, yes, may not include an exact name, but still include what are considered vital predictors about that consumer’s lifestyle and behavior. 

These new regulations make the Washington Privacy Act stand out amongst its contemporaries, said Stacey Gray, senior counsel with Future of Privacy Forum.

“The big picture of the bill is that includes the same individual rights as the California Consumer Privacy Act—of access, sale, et cetera—and then more,” Gray said. “The right to correct your data, to opt out of targeted advertising, and out of profiling—that is further on the individual rights side.”

Gray added that the bill’s business obligations also go further than those in the CCPA, naming the data risk assessments previously discussed.

The Washington Privacy Act includes several more business obligations, all of which add up to meaningful data protections for consumers. For instance, companies would need to commit to data minimization principles, only collecting consumers’ personal data that is necessary for expressed purposes. Companies would also need to obtain affirmative, opt-in consent from consumers before processing any “sensitive data,” which is any data that could reveal race, ethnicity, religion, mental or physical health conditions or diagnoses, sexual orientations, or citizenship and immigration statuses.

But perhaps most intriguing in the Washington Privacy Act is its regulation of facial recognition technology.

Facial recognition provisions

In 2019, Washington state lawmakers crafted a bill aimed at improving the data privacy protections of consumers. They called it… the Washington Privacy Act. That original bill, which has now been substituted the 2020 version, included provisions on the commercial use of facial recognition.

On its face, the new rules looked good: Companies that used facial recognition tech for commercial purposes would have to obtain consent from consumers “prior to deploying facial recognition services.”

Unfortunately, the original bill’s very next sentence made that consent almost meaningless.

According to that bill, consumer “consent” could be obtained not by actually asking the consumer about whether they agreed to having their facial data recorded, but instead, by posting a sign on a company’s premises.

As the bill stated:

“The placement of conspicuous notice in physical premises or online that clearly conveys that facial recognition services are being used constitute a consumer’s consent to the use of such facial recognition services when that consumer enters those premises or proceeds to use the online services that have such notice, provided that there is a means by which the consumer may exercise choice as to facial recognition services.”

The length of the explainer is as broad as the exception it allows.

This loophole upset several privacy rights advocates who, in February 2019, sent a letter to key Washington lawmakers.

“[W]hile the bill purportedly requires consumer consent to the use of facial recognition technology, it actually allows companies to substitute notification for seeking consent—leaving consumers without a real opportunity to exercise choice or control,” the letter said. It was signed by Consumer Reports, Common Sense, Electronic Frontier Foundation, and Privacy Rights Clearinghouse.

The 2020 bill closes this loophole, instead requiring affirmative, opt-in consent for commercial facial recognition use, along with mandatory notifications—such as signs—in spaces that use facial recognition technology. The new bill also requires processors to open up their data-processing tools to outside investigation and testing, in an effort to root out what the bill calls “unfair performance differences across distinct subpopulations,” such as minorities, disabled individuals, and the elderly.

Moving the Washington Privacy Act forward

Despite the 2019 Washington Privacy Act gaining swift approval in the Senate two months after its January introduction, the bill ultimately failed to reach the House. Multiple factors led to the bill’s failure, including the bill’s definitions for certain terms, its approach to enforcement, and its treatment of facial recognition.

Some of those same obstacles could come up for the 2020 bill, Gray said.

“If this bill does not pass this year, that’s where we might see a source of conflict—is either with the facial recognition provisions, or with enforcement,” Gray said. For enforcement to take hold, Gray said the Attorney General’s office—tasked with regulation—will need increased funding and staffing. Further, there will likely be opposition to the bill’s lack of “private right of action,” which means that consumers will not be able to individually file lawsuits against companies that they allege violated the law. This issue has been a sticking point for data privacy legislation for years.

Still, Gray said, the bill shows improvement from its 2019 version, which could help push it forward.

“All things aside,” Gray said, “we’re more optimistic than last year about it passing.”

The post Washington Privacy Act welcomed by corporate and nonprofit actors appeared first on Malwarebytes Labs.

Categories: Techie Feeds

The Voice

Yarn Harlot - Tue, 02/04/2020 - 15:42

This post comes to you from Banff, Alberta. Joe’s been working out this way a bit, and so I flew down to meet him, and we’ll have a quick ski before I go home and he goes back to work, and then the two of us are grounded soon as we enter the “On Call” phase for Megan and the impending grandbaby.  The on call phase is quite long. I had that crazy mad dash to make it home when Elliot decided to make an early appearance, so we’re not taking any chances with this baby.  Could be as shifty as her brother.

I think this pressure, this worry that the baby will be here soon and I’ll run out of time and nothing will be done contributed to a fairly disastrous knitting week.  I’ve got the blanket underway of course, and a romper and I sort of think I could finish a onsie (if I started a onsie) and they were both going really well, if by really well you understand that there was progress, but I was having some sort of dis-associative episode where The Voice tried to deal with me.

This is one of my best tricks – ignoring The Voice. When I was a younger knitter it was easy to ignore the voice.  I’d be knitting along, and The Voice would say something like “This looks a little big” and I’d say “what the hell do you know?  You are The Voice of insecurity, of doubt, of low self-esteem. Get off me.” Then The Voice would say “You know what? You’re right, either one of us could be correct here. Good luck.”  At some point it dawned on me that The Voice was almost always right. The Voice was actually helpful.  It would whisper tips, like “that gauge looks a little funky are you sure you want to skip washing the swatch?”  Or it would humbly offer something like  “Hey, can we take a minute and connect our knowledge of the size of your bust and the size of this sweater and see if we’re still both onside with this?” Or “That increase looks like crap and you know it.”

Over time The Voice has proven that while it seems like a pain in the arse, its prime directive is really nice knitting and it doesn’t need to shush up and not talk to me. It is me. It is not my low self esteem, it isn’t interfering with me, it’s not trying to wreak my fun, it is yay verily the voice of my experience and it is trying to run quality control on my knitting.  I am interested in making things that are nice, so now I try to listen to The Voice.

(Someone will ask, the romper is the Spring into Summer Romper)

I can only assume then, that when earlier this week The Voice said “Hey wow. You’ve chosen the wrong border for this blanket, it’s going to be way too tall.” And “Yo, Steph, the gauge on that romper is bananapants that’s the size of a toddler not a newborn what the hell.” (The Voice has poor punctuation skills. Always has.) When The Voice said that – I blame the stress of the impending baby for what I said to it, which was “No, no, we’re good.”  The Voice (which counts persistence among its skills) said “No Steph, that border is wrong and the romper is huge.” And I’m pretty sure that I replied with something like “HEY C’MON VOICE DON’T PULL THIS I AM RUNNING OUT OF TIME”.

This might have worked.  I might have been able to bully The Voice, but The Voice (which is, after all, me) has a rather amazing secret weapon.  Truth.  The Voice simply replied with “Oh.  Cool.  I wouldn’t want you to run out of time for to knit substandard junk for your grandkid. Peace out.  Mwah.”

With that, I went and got a tiny skinny knitting needle, counted all the rounds back to the beginning of the border, picked up the last round of stitches before I started it, and then attached the whole shebang to the ball winder.*  When I was done, I went and got the romper (which I had charmingly blocked to try and make it smaller – protip, nope) and ran that through the ballwinder too, and pulled out the whole thing.  I even let Elliot have a go.  He must have been bothered by the whole thing.  He had a very serious face on, like he was part of some sort of sad event, and towards the end as he turned the handle at the romper funeral, looked up at me and said “Why Grammy? Why winder?”

I told him the truth.  I had made some mistakes and the knitting was no good. I didn’t do it properly. It hadn’t worked.   Elliot looked at me, patted my arm and said “It’s okay Grammy.  You can just try again.” **

Thanks buddy. Tell it to The Voice.

*I know this seems a little funny, but it is the fastest, easiest way to pull back a project with a million complicated stitches.  It’s sort of like a lifeline after the fact.  If you’d run a lifeline, this would be even easier.  Run the super skinny (like 2mm) needle through all the stitches of the lifeline, then rip back. Voila, the round is on the needles, with no chance of messing up the lace. I pull out the upper, working needle as I pick up the round below. 

**I complimented Meg and Alex for this, for working on raising a nice resilient kid, and Meg gave all the credit to MagnaTiles. 

(PS. We still have room for the Spring Retreat – details here, though I’ll talk more about it soon.)

Categories: Knitting Feeds

Off The Shelf – Mechawhales!

Looking For Group - Tue, 02/04/2020 - 14:44

Tuesdays, Costello takes a toy off one of his shelves and explains how it got there to begin with. You know how the Internet is. You see a thing, you like it, maybe even Like it, you look at it […]

The post Off The Shelf – Mechawhales! appeared first on Looking For Group.

Categories: Web Comics

4 Pop-Culture Assumptions That Dungeons & Dragons Destroyed

DM David - Tue, 02/04/2020 - 11:56

The media keeps telling us how we, the geeks, have won popular culture. A show with dragons became prestige television, and networks keep aiming to produce  the next Game of Thrones. A minister I know boasted that she was a member of her high school Dungeons & Dragons club. The Return of the King won best picture. Fan culture is everywhere. So we forget that in the early days, when D&D burgeoned by word-of-mouth, no one had seen anything like it.

Of course, little in D&D stands as completely new, but in the 70s, unless you joined a tiny cult of miniature gamers interested in fantasy, the game defied understanding. Unless you followed a few, obscure genre authors, you would never have seen anything like it. You shared popular assumptions that D&D would explode.

1. Fantasy is for children and a few oddballs.

Forget the The Lord of the Rings, and then name a work of fantasy that was widely known before D&D. Anything you name is a fairy tale or fable—something for children. Conan? He’s a comic book character. Every grown up knows comics are for children. Now consider The Lord of the Rings. It enjoyed enough popularity to get cited by Led Zeppelin and some other long hairs, but when Hollywood tried to trade on its popularity, they added musical numbers. Hollywood did not think they could reach a big enough audience of oddballs, so they adapted for children.

In making the 1978 movie Superman, the producers needed adults to see a movie about what they saw as a children’s character. Imagine marketing a Thomas the Tank Engine film to adults. To free grown ups from the embarrassment of buying tickets, they gave a fortune to Important Actor Marlon Brando. For 15 minutes of screen time, Brando received $3.7 million up front, plus 11.75% of the film’s take, right off the top. The film’s marketing rested heavily on the actor’s performance. All so grown ups could gain an excuse to see the movie on date night.

As a kid in the 70s, All the fantasy I knew came from picture books. Stories where trolls lived under bridges and bugbears under beds. Nothing prepared me for a game inspired by Appendix N. A game where trolls lived in dungeons and refused to die. The original Monster Manual revealed beholders, mind flayers, chromatic dragons and countless other dreadful wonders that filled me with excitement.

The public’s unfamiliarity with fantasy contributed to the panic that surrounded D&D in the 80s. God fearing adults saw their teenagers obsessed with spells and children’s fairy tale nonsense, but darker and more violent. They settled on the only logical explanation, demon worship, because the culprit could not possibly be a really fun game.

Meanwhile, I worked to find the books named in The Dragon’s Giants in the Earth column and later in Appendix N. I found none. Admittedly, I suffered the disadvantage of shopping from a mall bookstore. I knew nothing of used book stores or inter-library loan. Nonetheless, few of Gary Gygax’s inspirations remained in print. Today, fantasy books of all stripes crowd the shelves. Then, I took years to collect the books that inspired the game.

2. Games are terrible.

In the 70s, games sold as toys and they were all terrible. They suffered from stupid, and random mechanics: Roll a die and move that many spaces. The winner becomes obvious long before the end, yet they took forever to finish. Games covered prosaic subjects like Life and Payday, or financial wish-fulfillment like Monopoly or, well, Payday. Still, I liked games enough that I even played terrible ones endlessly. (Except, of course, for Monopoly, which I suspect Hasbro makes to convince millions that games are tedious. I cannot fathom their plot’s endgame.) My standards were so low that I liked the 1974 game Prize Property where you launched legal actions against your opponents to stall their building developments. Legal actions. The box claimed fun for ages 9 and up.

People suffered from narrow ideas about what a game could be. Someone wins, someone loses, the game never extends past the board and never continues after you close the box.

Before I saw D&D, I sat with a sheet of graph paper and tried to imagine how the game would play. Working from a 12-year-old’s lunch-room pitch, I got nowhere. From my experience rolling a die and moving that many squares, I had no clue how a game could allow the things the kids claimed.

So in a mere 48 pages, the Holmes Basic D&D rule book shattered my notion of what a game could be.

Later, when I described the new game, everyone asked the same questions: “How do you win?” and then, “if you can’t win, what’s the point?” Everyone struggled to grasp the notion that you played to have fun without any chance of winning. For more, see But how do you win?

3. Only young children should roleplay.

People sometimes say that D&D did not invent the roleplaying game. Kids have always roleplayed; we just called it make believe. By spreading roleplaying beyond the playground, D&D alarmed parents, ministers, and other responsible adults.

When D&D first reached mainstream attention, reporters painted the game as a “bizarre” activity enjoyed by “secretive” and “cultish” players.  Parents feared that playing a role in D&D would lead their children to confuse fantasy with reality. After all, wasn’t anyone old enough for such a complicated game too old for make believe? Kids talked about being a wizard or a thief and folks worried that kids believed it. See The Media Furor that Introduced the “Bizarre Intellectual Game” of Dungeons & Dragons to America.

D&D’s revolution went beyond make believe. Much of the appeal came from playing a character with stats that carried to the next session, and from the idea that characters gained experience and improved. In Playing at the World, while describing D&D’s reception, Jon Peterson shows new players and reviewers always touting the experience system. The steady reward of experience and levels forged an obsession for many players. The combination proved so compelling that just about every computer role-playing game borrows it.

4. Dungeons are just medieval jails.

Zombies and vampires appear everywhere in popular culture. Both archetypes seem medieval, but the popular conception of zombies only dates back to George Romero’s 1968 movie Night of the Living Dead.

The concept of a dungeon as an underground sprawl with monsters and treasures, is even newer.

In the fantasies that inspired the game, no character explores a sprawling dungeon. At best, you can find elements of the dungeon crawl, such as treasure in the mummy’s tomb, orcs in Moria, traps and underground cities in a Conan yarn, and so on. Forget Indiana Jones; he came later.

Now, the dungeon adventure qualifies as a trope that appears in virtually every computer fantasy game.

Stone Mountain dungeon cross section from 1977 basic set

In my world before D&D, games gave the fun of launching legal action against fellow real estate developers. When I opened the basic rules, I could brave the peril and mystery of the dungeon shown in the Stone Mountain cross section. Still today, no image inspires my enthusiasm to play as much. I jumped from property law to Greyhawk.

For more, see How the Dungeon Powered the Success of D&D and the First Role-Playing Games.

By the end of the 70s, fandom had yet to dominate popular culture, but Star Wars and Superman and Dungeons & Dragons had established a beachhead. The gains would only continue.

For me, the 48 pages of the 1977 Basic Set did more than introduce the best game in the world, those pages turned some of what I understood upside down.

Categories: Tabletop Gaming Blogs

Gaming From The Fringes - 'Fantasy Gamer's Compendium, Revised and Expanded By Game Science' - Cha'alt/Godbound Campaign Commentary

Swords & Stitchery - Mon, 02/03/2020 - 22:26
I'm looking for a stop gap organization that's been observing the 'goings on' of the Cha'alt warp in my Cha'alt/Godbound campaign. The  'Order of the Lords of Mystery' fills the gap nicely & comes from a very prolific & unexpected source namely Game Science. The year is Nineteen Ninety & a new edition of 'The  Fantasy Gamer's Compendium, Revised and Expanded' comes into my hands. Phil Edgren, Needleshttp://www.blogger.com/profile/11243274667834930867noreply@blogger.com0
Categories: Tabletop Gaming Blogs

A week in security (January 27 – February 2)

Malwarebytes - Mon, 02/03/2020 - 19:00

Last week on Malwarebytes Labs, we looked at the strengths and weaknesses of the Zero Trust model, gave you the low-down on spear phishing, and took a delve into the world of securing the managed service provider (MSP).

Other cybersecurity news

Stay safe, everyone!

The post A week in security (January 27 – February 2) appeared first on Malwarebytes Labs.

Categories: Techie Feeds

High School Ministry – Feb 7th – Missionfest!

Mark Hughes (Church of the Rock) - Mon, 02/03/2020 - 18:25


This week!

Mission Fest
February 7th – Friday 7:00 – 10 PM

We will be meeting at My Church Winnipeg to experience an epic concert by BOLD AS LIONS! YAS!

The week after that…

Game Show
February 14th – Friday 7:11-10 PM

Valentine’s Gameshow and finishing our series called ‘Choose Your Own Adventure’.

The week after that…

Gargon Pt 2
February 21st – Friday 7:11-10 PM

We turn out the lights and try to find the flashlight pieces to destroy the Gargon! We start a new faith-based series on Jesus!

MONTHLY CALENDAR

 
Click here for this month’s calendar

 

The post High School Ministry – Feb 7th – Missionfest! appeared first on Church of The Rock.

Categories: Churchie Feeds

Threshold Jr – Feb 5th – Blindfold Game Night!

Mark Hughes (Church of the Rock) - Mon, 02/03/2020 - 17:57

This week!

Blindfold Night
February 5th – Wednesday 7-9 pm
How well can you rely on your other senses? Play these crazy games for prizes! We will be starting a new series on Jesus!

The week after that…

Gross Out Night Pt 2.
February 12th – Wednesday 7-9 pm

We had so much fun getting grossed out, we’re going to do it all again! We’ll continue our series on Jesus!

The week after that…

U-Puttz Amusement Park
February 19th – Wednesday **6:45-9 pm**
COST: $19

Laser Tag, Bumper Cars, Mini-Golf – Oh my! Yes, we’re going to U-Puttz to have an amazing time together! Drop-off and pick-up at church!
WAIVER FORMS NEEDED.

MONTHLY CALENDAR

  Click here for this month’s calendar

 

The post Threshold Jr – Feb 5th – Blindfold Game Night! appeared first on Church of The Rock.

Categories: Churchie Feeds

Pages

Subscribe to Furiously Eclectic People aggregator